33,486 indexed
CVECVE vulnerabilities
33,486 CVEs indexed — newest first. Filter by CVSS severity or CISA KEV listing; KEV-flagged entries surface a rose pill. Authored by Adam Lundqvist.
Showing 6,851–6,900 of 8,314 in Critical · page 138 of 167
| ID | Title | Summary |
|---|---|---|
| CVE-2025-24288 | CVE-2025-24288 CVSS 9.8 | The Versa Director software exposes a number of services by default and allow attackers an easy foothold due to default credentials and multiple accounts (most… |
| CVE-2025-24285 | CVE-2025-24285 CVSS 9.8 | Multiple Improper Input Validation vulnerabilities in UniFi Connect EV Station Lite may allow a Command Injection by a malicious actor with network access to t… |
| CVE-2025-24273 | CVE-2025-24273 CVSS 9.8 | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5.… |
| CVE-2025-24269 | CVE-2025-24269 CVSS 9.8 | The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.4. An app may be able to cause unexpected system termination. |
| CVE-2025-24266 | CVE-2025-24266 CVSS 9.8 | A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may… |
| CVE-2025-24265 | CVE-2025-24265 CVSS 9.8 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app… |
| CVE-2025-24264 | CVE-2025-24264 CVSS 9.8 | The issue was addressed with improved memory handling. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, tvOS 18… |
| CVE-2025-24263 | CVE-2025-24263 CVSS 9.8 | A privacy issue was addressed by moving sensitive data to a protected location. This issue is fixed in macOS Sequoia 15.4. An app may be able to observe unprot… |
| CVE-2025-24260 | CVE-2025-24260 CVSS 9.8 | The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An attacker in a p… |
| CVE-2025-24259 | CVE-2025-24259 CVSS 9.8 | This issue was addressed with additional entitlement checks. This issue is fixed in iPadOS 17.7.7, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.… |
| CVE-2025-24256 | CVE-2025-24256 CVSS 9.8 | The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able t… |
| CVE-2025-24253 | CVE-2025-24253 CVSS 9.8 | This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may b… |
| CVE-2025-24250 | CVE-2025-24250 CVSS 9.8 | This issue was addressed with improved access restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious a… |
| CVE-2025-24249 | CVE-2025-24249 CVSS 9.8 | A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A… |
| CVE-2025-24247 | CVE-2025-24247 CVSS 9.8 | A type confusion issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An attacker ma… |
| CVE-2025-24246 | CVE-2025-24246 CVSS 9.8 | An injection issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be … |
| CVE-2025-24245 | CVE-2025-24245 CVSS 9.8 | This issue was addressed by adding a delay between verification code attempts. This issue is fixed in macOS Sequoia 15.4. A malicious app may be able to access… |
| CVE-2025-24241 | CVE-2025-24241 CVSS 9.8 | A configuration issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app … |
| CVE-2025-24238 | CVE-2025-24238 CVSS 9.8 | A logic issue was addressed with improved checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.… |
| CVE-2025-24237 | CVE-2025-24237 CVSS 9.8 | A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma… |
| CVE-2025-24233 | CVE-2025-24233 CVSS 9.8 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicio… |
| CVE-2025-24232 | CVE-2025-24232 CVSS 9.8 | This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious a… |
| CVE-2025-24231 | CVE-2025-24231 CVSS 9.8 | The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to modif… |
| CVE-2025-24230 | CVE-2025-24230 CVSS 9.8 | An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, m… |
| CVE-2025-24211 | CVE-2025-24211 CVSS 9.8 | This issue was addressed with improved memory handling. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5… |
| CVE-2025-2421 | CVE-2025-2421 CVSS 9.8felisify | Improper Control of Generation of Code ('Code Injection') vulnerability in Profelis Informatics SambaBox allows Code Injection. This issue affects SambaBox: b… |
| CVE-2025-24207 | CVE-2025-24207 CVSS 9.8 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app ma… |
| CVE-2025-24204 | CVE-2025-24204 CVSS 9.8 | The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4. An app may be able to access protected user data. |
| CVE-2025-24201 | Apple Multiple Products WebKit Out-of-Bounds Write Vulnerability KEVCVSS 10.0Apple | Apple iOS, iPadOS, macOS, and other Apple products contain an out-of-bounds write vulnerability in WebKit that may allow maliciously crafted web content to bre… |
| CVE-2025-24195 | CVE-2025-24195 CVSS 9.8 | An integer overflow was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A user … |
| CVE-2025-24190 | CVE-2025-24190 CVSS 9.8 | The issue was addressed with improved memory handling. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5,… |
| CVE-2025-24181 | CVE-2025-24181 CVSS 9.8 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app ma… |
| CVE-2025-24178 | CVE-2025-24178 CVSS 9.8 | This issue was addressed through improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14… |
| CVE-2025-24172 | CVE-2025-24172 CVSS 9.8 | A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. "… |
| CVE-2025-24167 | CVE-2025-24167 CVSS 9.8 | This issue was addressed through improved state management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, watchOS 11.4. A d… |
| CVE-2025-24154 | CVE-2025-24154 CVSS 9.1 | An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3, … |
| CVE-2025-24146 | CVE-2025-24146 CVSS 9.8 | This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3… |
| CVE-2025-24102 | CVE-2025-24102 CVSS 9.8 | The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may b… |
| CVE-2025-2410 | CVE-2025-2410 CVSS 9.1 | Port manipulation vulnerabilities in ASPECT provide attackers with the ability to con-trol TCP/IP port access if session administrator credentials become compr… |
| CVE-2025-24093 | CVE-2025-24093 CVSS 9.8 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app ma… |
| CVE-2025-2409 | CVE-2025-2409 CVSS 9.1 | File corruption vulnerabilities in ASPECT provide attackers access to overwrite sys-tem files if session administrator credentials become compromised This issu… |
| CVE-2025-24085 | Apple Multiple Products Use-After-Free Vulnerability KEVCVSS 10.0Apple | Apple iOS, macOS, and other Apple products contain a user-after-free vulnerability that could allow a malicious application to elevate privileges. |
| CVE-2025-24028 | CVE-2025-24028 CVSS 9.6 | Joplin is a free, open source note taking and to-do application, which can handle a large number of notes organised into notebooks. This vulnerability is cause… |
| CVE-2025-24024 | CVE-2025-24024 CVSS 9.1 | Mjolnir is a moderation tool for Matrix. Mjolnir v1.9.0 responds to management commands from any room the bot is member of. This can allow users who aren't ope… |
| CVE-2025-24016 | Wazuh Server Deserialization of Untrusted Data Vulnerability KEVCVSS 9.9Wazuh | Wazuh contains a deserialization of untrusted data vulnerability that allows for remote code execution on Wazuh servers. |
| CVE-2025-23993 | CVE-2025-23993 CVSS 9.3 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RiceTheme Felan Framework felan-framework allows SQL Inje… |
| CVE-2025-23970 | CVE-2025-23970 CVSS 9.8 | Incorrect Privilege Assignment vulnerability in aonetheme Service Finder Booking sf-booking allows Privilege Escalation.This issue affects Service Finder Booki… |
| CVE-2025-23968 | CVE-2025-23968 CVSS 9.1 | Unrestricted Upload of File with Dangerous Type vulnerability in WebFactory AiBud WP aibuddy-openai-chatgpt allows Upload a Web Shell to a Web Server.This issu… |
| CVE-2025-23967 | CVE-2025-23967 CVSS 9.3 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpopal GG Bought Together for WooCommerce gg-bought-toget… |
| CVE-2025-23953 | CVE-2025-23953 CVSS 10.0 | Unrestricted Upload of File with Dangerous Type vulnerability in Scriptonite user files user-files allows Upload a Web Shell to a Web Server.This issue affects… |